aspose file tools*
The moose likes JDBC and the fly likes Let MySQL MD5 or let Java MD5 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC
Bookmark "Let MySQL MD5 or let Java MD5" Watch "Let MySQL MD5 or let Java MD5" New topic
Author

Let MySQL MD5 or let Java MD5

Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299
    
    6

I don't know if it really comes down to preference or performance, but I was wanting some opinions on this.
Should I let JAVA Security MD5 my passwords so that I can insert and verify passwords stored in MySQL, or should I just use MySQL's MD5 function in the SQL Statement?
The only thing I am concerned with if letting MySQL handle this is if I want to support different DB Vendors.
[ September 19, 2003: Message edited by: Gregg Bolinger ]

GenRocket - Experts at Building Test Data
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

I like to let the database do it, although I agree that it is something that may introduce vendor-lockin.
The reason I prefer it in the database is that it enforces password security in the database. If Java is responsible you run the risk of someone accidentally or deliberately not encrypting the password.
Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299
    
    6

Thanks David. I wonder how important multiple DB support is these days. To me, installing MySQL isn't that big of a deal, even if it is just for one app.
 
Consider Paul's rocket mass heater.
 
subject: Let MySQL MD5 or let Java MD5